如何在弹出窗口中通过 OAuth 2.0 向 Google 进行身份验证? [英] How to authenticate with Google via OAuth 2.0 in a popup?

问题描述

抱歉进行了大量编辑.我要重新开始，因为我没有正确陈述我的问题.

Sorry for a big edit. I am starting over as I am not stating my question correctly.

我正在尝试用 HTML5 编写客户端应用程序.我不希望它托管在网站上.我什至不确定这是否可行，我对这种类型的应用程序还很陌生.

I am trying to write a client side app in HTML5. I do not want it to be hosted on a website. I am not even sure this is possible, I am fairly new to this type of application.

无论如何，我想访问谷歌服务，需要像OAuth这样的身份验证.因为它是 javascript，所以听起来像 OAuth2 是我需要的.

Anyway, I want to access Google services, which requires authenticate such as OAuth. Being that it is javascript, it sounds like OAuth2 is what I need.

我正在尝试在弹出窗口中打开 google 身份验证(我有这部分)，让用户允许访问，然后将流程传回我的应用程序，然后该应用程序可以查询 Google 服务.问题是 1. 每当我使用 response_type=code 时，它都会要求用户将令牌复制/粘贴到应用程序中，但是如果我使用 response_type=token，它要求我重定向回一个有效的 URL，因为它没有托管在网络服务器上，所以没有.

I am trying to open up the google authentication in a popup (I have this part), let the user allow access, and then pass flow back to my application which can then query Google services. Problem is either 1. it asks the user to copy/paste a token into the app whenever I use response_type=code, but if I use response_type=token it requires that I redirect back to a valid URL which, since this is not hosted on a webserver, there is none.

那么如何使用 OAuth，让用户无缝授予访问权限?

So how can I use OAuth, and let the user grant access seamlessly?

推荐答案

您应该定义一些重定向 URL，供 Google 在身份验证完成后重定向到.如果您无法在任何网站上托管您的页面，您可以很好地将其托管在本地主机上.

You should have some Redirect URL defined for Google to redirect to after the authentication is done. If you cant host your pages on any web site, you can very well host it in local host.

关于从弹出窗口获取访问令牌到主父窗口，您可以在父窗口中设置一个计时器，不断检查弹出窗口的文档位置.一旦文档位置与重定向 URL 匹配，您就可以解析将在 URL 本身中的访问令牌.

Regarding getting the access token from the popup to the main parent window, you can setup a timer in parent window which keeps on checking the document location of the popup. Once the document location matches the Redirect URL, u can parse the access token which will will be in the URL itself.

我昨天写了一篇关于完全相同问题的教程(使用本地主机)，这里是链接:http://www.gethugames.in/2012/04/authentication-and-authorization-for-google-apis-in-javascript-popup-window-tutorial.html

I wrote a tutorial on exactly the same problem (using local host) yesterday and here is the link: http://www.gethugames.in/2012/04/authentication-and-authorization-for-google-apis-in-javascript-popup-window-tutorial.html

希望你会觉得它有用.

这篇关于如何在弹出窗口中通过 OAuth 2.0 向 Google 进行身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！